Help EFF Test a New Tool To Stop Creepy Online Tracking

An anonymous reader writes "EFF is launching a new extension for Firefox and Chrome called Privacy Badger. Privacy Badger automatically detects and blocks spying ads around the Web, and the invisible trackers that feed information to them. You can try it out today."

Ghostery

Ghostery does a great job of this already... However, the problem with these types of tools is they frequently break some type of (needed) functionality on the site.

7 caught on Slashdot right now.

Re:Ghostery

[CRCulver]

Ghostery is under a proprietary license and Evidon, the company that owns it, is involved in the online advertising industry. I trust the EFF a lot more.

FWIW, though, you can get many of the same benefits of Ghostery without installing that plugin by simply processing its lists through a Privoxy filter (the conversion is fairly easy to script and then automate), so Privoxy zaps all those IPs before they even get to the browser.

Re:Ghostery

[ArmoredDragon]

As of very recently though, Ghostery takes a step further by providing surrogate scripts that replace the function needed by these websites, only without the tracking. It's really nice because you very rarely need to pause it or add exceptions now.

Re:Ghostery

[mysidia]

However, the problem with these types of tools is they frequently break some type of (needed) functionality on the site.

I imagine if any plugin gets /really/ popular, the tracking bugs will get modified so they work again, OR publishers/advertisers may start modifying their content to include tests to ensure the health of the tracking bug, before allowing the visitor to view content.

Maybe you just get half a sheet of text, or the first 1.3 windowfuls, then the site will pick up on the tracking bug being broken, and stop rendering content -- while displaying an error about the need to disable such and such plugin to use the site, or waiting until "countermeasure against tracker bug blocking" succeeds.

Re:Ghostery

[djsmiley]

theres enuf sites that we can go else where.

Re:Ghostery

[PopeRatzo]

Maybe you just get half a sheet of text, or the first 1.3 windowfuls, then the site will pick up on the tracking bug being broken, and stop rendering content

That makes it really easy to determine which web sites I should never visit because the sites purveyors are hostile to my best interests.

I wish sites that are using creepy tracking bugs would act in a manner that made them unusable. It would make life so much easier.

Re:Ghostery

[blackicye]

However, the problem with these types of tools is they frequently break some type of (needed) functionality on the site.

These sites are not going to like the way that users are going to work around this; by visiting other sites.

There is so little unique content being generated now, that will just go to other sites with more progressive privacy policies, or disable the app grudgingly if we're feeling lazy or can't find the content elsewhere, and hold it against them for all eternity.

Re:Ghostery

[GumphMaster]

A radio station I listen to recently rebranded. Their "improved" web site does not deliver content without the WebTrends tracking code being allowed through NoScript/Ghostery. I seems to do do some magic callback foo to achieve this. This behaviour seems to rapidly expanding on the site; I found a page today that required NetCensus tracking as well. Curiously I get more content if I block JS altogether (although not fully functional). http://doublej.net.au/

Re:Ghostery

[mwvdlee]

Slashdot uses creepy tracking bugs.
How come you're commenting here if you never visit this site?

Re:Ghostery

[SuricouRaven]

I wonder if it's be practical to screw the tracking up with false data?

I'm thinking a browser plugin which has a list of tracking server addresses - and a few times each day will swap a randomly picked subset of the cookies for those sites with those of another randomly picked user of the plugin.

Re:Ghostery

[Wootery]

I imagine if any plugin gets /really/ popular, the tracking bugs will get modified so they work again

Maybe, but even an incredibly popular Firefox plugin is still only there for a small percentage of an average page's visitors.

Re:Ghostery

[Charliemopps]

Ghostery does a great job of this already... However, the problem with these types of tools is they frequently break some type of (needed) functionality on the site.

7 caught on Slashdot right now.

The sites are designed that way intentionally. "What if they disable cookies? I know, make cookies required to stay logged in!" etc...

Re:Ghostery

[TheCarp]

Tis true, looking at requestpolicy now it has not loaded content from:
"scorecardsearch.com"
"doubleclick.net"
"gstatic.com"

Not visiting sites that associate with creepy sites is indeed too limiting when there are such simple solutions

Re:Ghostery

[TheCarp]

I think it would be better to just expire them quickly, like say, daily or every browser session, or after every tab close.

Another fun one would be to maintain a list of ad cookies etc...and toss them in a public pool. Whenever you need one, your browser consults the pool and gets one, uses it for a bit, then goes and switches to another one. Do some distributed database poisoning.

Re:Ghostery

[smart_ass]

Most ISPs don't promise/guarantee a static IP, but frequently that is effectively the case.
Combined with browser and version, screen res, OS version, and regional settings ... they can guess that the user is the same one.

If they have people there smarter than me (and I guess they do) they'll be using that info to link potentially different cookies as suspect same cookies.

Re:Ghostery

[flyingfsck]

I just tried it with Badger and Adblock - the site works fine. Usually I use Streamtuner for music and don't bother going to individual web sites, but then I mostly listen to European stations.

Re:Ghostery

[afidel]

And people said carrier grade NAT was a bad thing...

Re:Ghostery

[Sir_Eptishous]

This is why I love slashdot. I had no idea Ghostery had such a conflict of interest. Thanks for that info.
From WP:
"Evidon, the company owning Ghostery, plays a dual role in the online advertising industry. Ghostery blocks sites from gathering personal information. But it does have an opt-in feature named GhostRank that can be checked to "support" them. GhostRank takes note of ads encountered and blocked, and sends that information, though anonymously, back to advertisers so they can better formulate their ads to avoid being blocked.[4]"

Re:Ghostery

[Sir_Eptishous]

This behaviour seems to rapidly expanding

Yes, I have noticed sites I have gone to for years will now not deliver content unless all of their scumbagginess is allowed through...

Bill Hicks quotes on advertising are apropos here.

Re:Ghostery

[Burz]

Use 'DoNotTrackMe' addon. The company that makes it is run by Moxie Marlinspike and has no connection to the ad industry.

Re:Ghostery

[FatLittleMonkey]

A radio station I listen to recently rebranded. Their "improved" web site does not deliver content without the WebTrends tracking code being allowed through

That's bizarre. None of the other ABC properties requires trackers to function. Nor even do the sibling digital radio sites, Triple J and Triple J Unearthed. It's weird that Double J is so completely locked down. ABC is not a commercial company, they're government funded non-commercial.

I wonder if Double J is some kind of commercial partnership? Perhaps the ABC has outsourced it? It wouldn't be the first time they've done stupid things like that, but I thought they'd been burned enough to learn their lesson.

[I listen to their streams through my ISP's mirror, so I don't need the site.]

Re:Ghostery

[Toad-san]

My system caught 8! [phthththth!]

But they're all Green, no worries.

Re:Ghostery

[Toad-san]

Hmmm .. down to five ads, and three of them are red (and blocked)! Interesting.

Re:Ghostery

[Reziac]

Cuz I have javascript off here, and all the creepy tracking sites blocked in HOSTS. I'm not too concerned about their cookies. I am pissed at the way they stall so many sites. So into HOSTS they went.

Conversely I don't mind having slashdot's login cookie, which makes my life easier at no cost to me.

Re:Ghostery

[GumphMaster]

I also listen via my ISP's mirror of the Double J stream. Unfortunately that stream does not carry useful metadata (song titles etc.) that VLC can pick up so when I occasionally want those I need the web site. I will not lose sleep over the loss of the site though.

Re:Ghostery

[PopeRatzo]

I'm wearing protection.

Re:Ghostery

[TheCarp]

> If they have people there smarter than me (and I guess they do) they'll be using that info to link potentially
> different cookies as suspect same cookies.

Actually if they have people smarter than me, then they realize its just random noise and the real customers are paying for volume of data with no way to judge its real quality anyway, so a little poison is just as good as clean grain?

I mean sure they could climb for the higher hanging fruit, but...when they get paid as much even if they pick it up off the ground.... why bother with ladders?

Re:Ghostery

[FatLittleMonkey]

Correction, it's now spread to every ABC site.

What's the difference

[NapalmV]

How's this different or better than adblock / ghostery / flashblock / noscript / do not accept third party cookies ?

Re:What's the difference

[Mitreya]

How's this different or better than adblock / ghostery / flashblock / noscript / do not accept third party cookies ?

Maybe it can replace 2+ of them? That would be nice. Installing 4-5 tools for one task is a pain

Also, NoScript specifically breaks 3 out of 4 websites until you figure out which half-a-dozen domains must execute JavaScript for each damn website. I remember how chase.com had a most fraudulent looking domain in order to let me login to my checking account.

Re:What's the difference

[crow]

This monitors the behavior of web sites, not the function. So if there's a non-advertising site that just puts out tracking bugs, it will get blocked. If there's an advertising site that doesn't send tracking cookies, it won't be blocked. There's no blacklist--it's all based on observed behavior.

Re:What's the difference

[Mashiki]

Also, NoScript specifically breaks 3 out of 4 websites until you figure out which half-a-dozen domains must execute JavaScript for each damn website.

I think you mean website developers are so reliant on JS these days, that they think they can't write a site without such heavy use of it that sneezing at it will break their site.

Re:What's the difference

[mujadaddy]

I think you mean website developers are so reliant on JS these days, that they think they can't write a site without such heavy use of it that sneezing at it will break their site.

Javascript does some good stuff. When I'm building something, I make sure that the good stuff it does is on the same domain as the website on which I want it done, though. Your mileage will vary.

Re:What's the difference

[sjames]

That's the best policy. The problem isn't sites using JS, it's sites sucking in random bits of JS from 5 otrhert domains that each suck in yet more bits from 3 or 4 additional domains.

Generally whjen I see that, I decide they're trying to convince me to just allow all witrhout seeing everything I'm allowing. That, in turn, tells me that that's is the last thing I should do so I leave the page and never go back.

Re:What's the difference

[Arker]

It sounds like a great idea. HTTPS Everywhere is a must have extension, and this looks set to join it. Thanks EFF!

And in a related note, both of these fine extension works fine in Pale Moon, but refuse to install in Seamonkey, which is a deciding factor in which one I am going to use in the future. I dont know why it breaks in Seamonkey but if anyone does please chime in. Is it just a matter of a bad compatibility check or is there more to it?

Re:What's the difference

[FuzzNugget]

It's not that websites shouldn't rely on JavaScript to function, it's that they shouldn't rely on *third-party* JavaScripts from jQuery, a thousand fucking ad servers, a plugin from here and there, Google tracking... that's why what should be a basic website takes forever to load: it's having to make requests to 50 different servers to load a single page.

JavaScript-dependent websites *can* be done properly. Most are not.

Re:What's the difference

[fermion]

not sure. I use a cookie blocker that by default rejects all cookies. I can manually accept cookies, first party cookies are pretty easy to enable, for the session or persistent. With this extension the badger complains it can't do it's job. The difference is that the cookie software shows about 30 third party cookies for slashdot, not sure if the tracking is historical or only for a single page, but the badger shows 5. The difference is that my cookie software rejects all these third party cookies by default, which is the behavior I want, but badger requires you to move a slider and turn off each cookie individually. The setting may be able to change this, I have not looked because any use of the badger reloads the page, thus giving the website more data. In any case, the default behavior should be to reject any third party cookie But cookies are only one way to track users. There are also things like web bugs. Badger says it only deals with tracking cookies. These are threats to privacy, but only one, and we can deal with it with existing technology. Camino, which was started 12 years ago, implemented cookie rejects several years ago.

Re:What's the difference

[Nemyst]

I disagree. If websites relied purely on a single javascript block, then filtering out the tracking, advertising and other bullshitting scripts would be a lot harder than it is now, where most of the external scripts are stuff you want to block. You can generally allow the site itself (and if it's big enough, perhaps a CDN and another domain or two) and you'll get the site without the shit.

Also, hosting relatively large scripts like jQuery on their own, static path helps a lot for caching. You have one copy of the script for dozens of sites, instead of dozens of copies of the same file.

Re:What's the difference

[fustakrakich]

Unfortunately, I can only confirm the problem. It's probably a UI thing, since Firefox is laying on the chrome pretty thick. And I'm not giving up my Netscape either.

Re:What's the difference

[gbjbaanb]

All good in practice, but those site typically use javascript libraries (eg jquery) and they pull in the lib from the original site rather than host it themselves (does this help bandwidth, ie with caching of it?)

i guess you can simply whitelist these library links, but there seems to be so many of them nowadays.

Re:What's the difference

[Sir_Eptishous]

That, in turn, tells me that that's is the last thing I should do so I leave the page and never go back.

The problem with this is that more and more sites are, as you say, sucking in bits from other domains who in turn suck in bits from other domains. I have been using these sorts of tools for a while now and I can say that I'm seeing more of this type of behavior. It really is reprehensible and cowardly on the part of developers or, pardon my french, whoever the fucking idiot is who has to script/link/script/link the crap out of their site like that.

I've started using FF with privacy tools for most sites and then I'll use Chrome for the occasion when it would take me ten minutes to get a site to work correctly.

Re:What's the difference

[phorm]

JS in itself isn't bad, it's how it's used.

What really pisses me off is the people that lazily un-necessarily link to other domains for JS. *WHY* do you need to pull your JS library from Yahoo/Google/etc instead of just hosting a local version? Doing so adds overhead (additional DNS call etc) and allows the remote host to more easily track your users. Not cool!

Re:What's the difference

[sjames]

If they keep that up, some bad guy or another will manage to get some bad JS into a LOT of big sites all at once.

What's somewhat funny about it

[Opportunist]

Install it and it will show you a page where you can link to Twitter, Facebook and Google+ to tell people about how awesome it is.

Is that supposed to be cynical or ... I don't know, I find it kinda funny. Isn't it supposedly blocking pages like that?

Re:What's somewhat funny about it

[The+New+Guy+2.0]

Yep... everybody wants the viral marketing effect. Thing is, all those sites are ad supported.

Re:What's somewhat funny about it

[Opportunist]

Because it's free I must not complain about it?

TANSTAAFL. So what's the price for the lunch? Should I bring the lube along?

Re:What's somewhat funny about it

[Aristos+Mazer]

It isn't a problem to link. The problem is *how* you link.
If you provide a link on your page that a user can click on to go to Twitter/Facebook/G+ and the URL embeds a pre-written "I'd like to tell you about XYZ..." then it is going to go through just fine. If the page pulls an image from Twitter/Facebook/G+ servers in order to draw that link, thus creating a tracking event for those services, then it is going to be flagged by the tool, and the image might at some point be scrubbed if the tool decides that it is being used to track across websites.

Re:What's somewhat funny about it

[causality]

I don't know, I find it kinda sad. Aren't users supposed to be smarter than the people manipulating them?

What did you observe that led you to that conclusion? And ... where can I go to make the same observations?

Problem Illustrated

Does it not illustrate the problem perfectly when you browse to the EFF site pushing an alpha version of a tool to block and the download page has a tracker on it?

Re:Problem Illustrated

[sjames]

Worse, the site that recommends it has multiple trackers on it that Privacy Badger flagged almost immediately.

DUPE!

[The+New+Guy+2.0]

We've already discussed this recently, and the problem is the tracking sites will just go to IP based tracking.

Re:DUPE!

[gl4ss]

and they'll have one visitor from at&t mobile who is obviously flooding the system and ban that.. oh...

Somebody causing trouble?

[The+New+Guy+2.0]

I'm not sure why they're publishing this at EFF... this isn't a new idea, and doesn't work well enough for a retread.

So, let's speculate. Is there an ad provider out of line like DoubleClick was before it was Google. If there is, can't Slashdot call for ISPs to firewall it into non-existance?

Useless colors

Considering the very high rates of red/green colour-blindness, the visual warning is fucking useless. I do not understand how, in a predominantly male industry, programmers don't realise the uselessness of Red Green indicators. Is it so incredibly hard to do blue, red, black? Or some combo that will read for even fray scale colorblindness?

Re:Useless colors

It isn't that it's hard, people just don't know that some colours might be inconvenient. If you want to solve the problem, create an extension to remap the colors, either only on the webpage or the whole screen, into something visible. Not trivial, but certainly much easier than convincing web-designers that their colour-scheme isn't perfect.

Re:Useless colors

[sjames]

The position of the slider is a secondary indicator.

Re:Useless colors

[gbjbaanb]

yeah but what about red/blue/black colourblindness?

My mate is colour blind and he worked for the rail industry.. on signalling. You may think "OMG WTF?!" but he can function in the real world, red is always the one at the top, green at the bottom and they're different shades of grey to him.

Anyway what is it in a predominantly geek users that they can't fucking search for tools to assist them with their disability.

Re:Useless colors

[flyingfsck]

Doesn't matter really - it is always red.

Search engine optimization

[tepples]

Maybe you just get half a sheet of text, or the first 1.3 windowfuls, then the site will pick up on the tracking bug being broken

If a web server is configured to deliver only the abstract to viewers behind user agents that include tracking countermeasures, then it will deliver only the abstract to search engines. They tend to retrieve pages with no JavaScript, no Referer, and no cookies.

Re:Search engine optimization

[mysidia]

then it will deliver only the abstract to search engines. They tend to retrieve pages with no JavaScript, no Referer, and no cookies.

The IP address ranges that search engines crawl from are well known, and they can easily backdoor their countermeasures for search engines alone.

Also, if I recall correctly; Google actually runs javascript.

I'm sure any countermeasure will be designed so the major search engines can index their content

Re:Search engine optimization

[Noah+Haders]

Also, google runs chrome so I don't see why eff is engaging with it.

NAT and proxies

[tepples]

the tracking sites will just go to IP based tracking.

Good luck with IP address-based tracking when you have 10,000 different people behind one IPv4 address. This can happen with carrier-grade NAT, with ISP-wide caching proxies like those used by AOL and the ISP formerly known as Qtel, or with Tor exits.

Or did you mean the other kind of IP?

Re:NAT and proxies

[SuricouRaven]

Problem:
1. Man goes to kinkybondagesmut.com on his PC.
2. Seven-year-old daughter goes to ad-funded sillychildishgame.com on iPad.
3. Ad-network consult their profile and determine this IP address is currently in used by an adult male with an interest in pornograhy.
4. Family consults their local moral crusader organisation. Legal action is taken.

Re:NAT and proxies

[The+New+Guy+2.0]

The advertisers should be smart enough to know that sillychildishgame.com is on the child's iPad because of the ESN being transmitted, and dad's porn site should be smart enough to know that isn't the kid's usage because they most like got his credit card.

Re:NAT and proxies

[SuricouRaven]

It's not going to take much. There are plenty of crusaders around who would love a really clear test case, one where they can easily say 'Ad-company X showed targetted porn to child Y,' because if they can get a victory there it would render porn sites even more toxic to advertisers and force them further still into the internet's shady underground. I've read the publications of organisations like the AFA and FRC, and they generally believe production and distribution of any pornography is or at least should be a criminal act.

They tend to write a lot of articles complaining that the DoJ is making only a token effort at prosecutions. The legal status of pornography in the US is somewhat vague - most states consider actually producing it to be a crime equivilent to prostitution (If you're someone to have sex, it doesn't matter if there's a camera involved), but the actual distribution is legal subject to a tangled mess of regulations both state and federal, most of which are completly ignored anyway.

Re:NAT and proxies

[MobyDisk]

The web browser should not be sending the ESN.

Mushroom mushroom

[tepples]

If EFF is the Privacy Badger, then who's the ARGH! Snake! A snake!

Does it block Piwik Analytics?

[EmagGeek]

Because this is the tracker the EFF has on the download page for "Privacy Badger."

Re:Does it block Piwik Analytics?

[Ford+Prefect]

Piwik is a self-hosted web analytics package. In other words, your visit to an EFF page is being tracked by the EFF.

Re:Does it block Piwik Analytics?

[bananaquackmoo]

I'm guessing his point is that he would prefer it to not be tracked at all.

Re:Does it block Piwik Analytics?

[lemur3]

when did being interested in user logs and usage info become "tracking" (which is, these days, almost universally considered bad)?

Re:Does it block Piwik Analytics?

you guys are aware that scraping the logs of the webservers also gives you some overview of the usage of the site? Is reverse dns-lookup also considered tracking?

my point: monitoring your own site to make it better is fair use, giving this data to other entities is not.

I wonder how it deals with cookies

[willoughby]

I'll check this out - it's nice to see something from EFF that I can install to match my EFF stickers :). I wonder about cookies, tho. IME some websites won't work if you block their cookies & it's better to just accept cookies then delete them after.

Re:One example: Slashdot's owner, Dice Holdings

[PopeRatzo]

I'm guessing that most web sites are made by young women who fancy themselves to be graphic designers

Get the fuck out with your stupid techie misogyny.

If your "guessing" involves generalization to the point of an ugly absurdity, you should check yourself. You make it sound like you have a particular beef, maybe with a particular woman (or women) and now you believe that all bad web code is caused by women. It's a bad place to be.

If you want to say, "I have encountered some young women who fancy themselves graphic designers..." you would at least be on more reasonable ground, but then you need to ask yourself, "Does the fact that this group of people were women really have any impact on my statement?"

Now knock it off. People get skeeved out by misogyny and it's pretty easy to pick up on, so the next time you're looking for a job you might just walk away wondering, "That didn't seem to go well, it's probably because of that woman who interviewed me. They're all whores you know".

I have an idea

[slashmydots]

I should make a competing plugin where all it does is block Facebook completely. That'd probably be about as effective.

Re:Far BETTER tool (Superior to browser addons)

[fizzer06]

You've posted this same thing like, what, four times? I've not seen a response by anyone NOT ANONYMOUS with knowledge of the product you're pushing. I saw the reference to it running Ring 0 and needing Admin rights to install.

So, no. I wouldn't touch that with a 10 foot pole.

I may be wrong about this, but it's better to be safe than re-install my OS.

That's called cloaking

[tepples]

they can easily backdoor their countermeasures for search engines alone.

That's called cloaking, and search engines severely penalize cloakers as they become aware of them.

Re:That's called cloaking

[mysidia]

That's called cloaking, and search engines severely penalize cloakers as they become aware of them.

I see 'cloaking' like things all the time; where the real page comes up with a paywall if you try to access, and it is essentially never really penalized when done by the legitimate websites, so you're observation doesn't quite match reality.

Also it's technically not cloaking if the page content when viewed by a user (without alterations by 3rd party software such as bug blockers or Greasemonkey scripts) matches what the search engine sees.

Re:That's called cloaking

[ShieldW0lf]

Is there any good way to filter sites that offer teasers and paywall additional pages so you don't need to wade through them? Because google top ranks those pages a lot, and it's made it a very inefficient way to find information. It's always high profile sites that used to be big players in the print domain, and I know they're paying google for the exposure. I'd switch to a different search engine if they were uncompromising with those types of teaser-paywall websites. They're just noise, as far as I'm concerned.

Re:That's called cloaking

[mysidia]

Because google top ranks those pages a lot, and it's made it a very inefficient way to find information.

I agree; personally I think Google should have a database of paywalled domains and hide those pages by default Offering a link to 'show paywalled' sites., but otherwise hiding those results (unless they pay to be listed in the little text ads / sponsored search result panel above the normal results).

Re:Far BETTER tool (Superior to browser addons)

[tepples]

I've looked into it. I haven't tried APK's tool myself, seeing as I use Xubuntu on my primary laptop, but I do mention it on my page about a suggestion to improve operating systems' hosts file processing.

Re:Far BETTER tool (Superior to browser addons)

[mmell]

Not sure I'd consider his stuff malware. APK's problem is that he expresses himself with all the eloquence of a drunken baboon with encephalitis.

Host files have their place - management of small networks, intranets, access to darknets, etc. APK is firmly convinced that his hostfile management system is somehow essential to fast, secure internet access. Again, if darknets are your thing, or DNS is somehow just way too insecure or unreliable for your tastes, or if something about RFC01035 is just wrong, give somebody else's product a look. APK makes it a point to threadjack every chance he gets, loads the board with unneeded invective and is in general a nuisance.

In closing - please don't feed the troll. They become dependent upon handouts and unable to function in the real world.

No Thanks...

[MBC1977]

The information they collect is negligible (even in aggregate). I'd rather pay that way, then to pay cash for these services (as this will happen if they can't make revenue via data collection).

Way too easy!

[mmell]

X^D

Unblocking will be abused

[danknight48]

If copies of Privacy Badger have already blocked your domain, you can unblock yourself by promising to respect the Do Not Track header in a way that conforms with the user's privacy policy. You can do that by posting a specific compliant DNT policy to the URL https://example.com/.well-know..., where "example.com" is all of your DNT-compliant domains.

So in other words, To exclude a website from Privacy Badger, all a website needs to do is:
- Copy and paste https://www.eff.org/files/dnt-... to https://mywebsite.com/.well-kn...

Give it a few weeks, let the advert sites copy and paste that file, plugin will be useless.

Re:Unblocking will be abused

[geminidomino]

I saw that too. Decided to stay with Disconnect + NS + RequestPolicy.

There is only one thing you can take for granted for advertising: they will play dirty. If you offer them an olive branch, they'll beat you with it, then try to sell you a salve to make the pain go away. There's no difference in philosophy to that of the spammers of old (who the EFF used to support), and anyone who doesn't understand that has no business making a privacy tool.

Re:One example: Slashdot's owner, Dice Holdings

[sjames]

Sadly, had he said inexperienced wannabe graphic designers, he'd probably be right.

Re:Your response is about your anger, not about wo

[PopeRatzo]

I'm interested to know what theories other people have about the poor use of Javascript.

You mean other than, "Bitches, man, they just don't know how to code, you know? *fistbump*"

Self-Destructing Cookies

[Dr.+Manhattan]

I use the Self-Destructing Cookies add-on. It allows the cookies... but as soon as you move off the page, or close the tab, it dumps the cookies. Sure, I have to re-sign in to some places more, but so what? Add in "clear history when the browser closes" and it's pretty comprehensive.

About the only thing I've run into that it breaks is Disqus logins. But I use a separate browser - which also deletes everything on close - for that.

Re:Self-Destructing Cookies

[geminidomino]

I'm using Self-Destructing Cookies, too, but I haven't found any way to make it delete when you move off the page. The settings just seem to allow deleting them when you close the browser, or the tab. It would be nice, though. Can you tell me how you did it?

Re:Self-Destructing Cookies

[Blue+Stone]

You can white-list sites in Self-Destructing Cookies so their cookies remain untouched.

This site's cookies are destroyed:
1. After you close its tab.
2. After you close the browser.
3 Never.

Re:Self-Destructing Cookies

[Blue+Stone]

Addons > Options > Self Destructing Cookies

First option - grace period. Degault is to delete cookies 10 seconds after a tab is closed.

Maybe you can set the option to notify you of cookie destruction (next option down) to test it?

Re:Self-Destructing Cookies

[Blue+Stone]

Oops, ignore my other reply, I think I see what you mean. You mean simply moving to another tab but leaving the other one open.

Yeah, there's no way to delete cookies on unfocus. Perhaps contact the add-on author and request the feature?

Re:Self-Destructing Cookies

[geminidomino]

Oh, I actually thought you meant moving off the page to another page, in the same tab (e.g., click a link on /., slashdot cookie deletes after X seconds).

Mental Illness

[thewebsiteisdown]

APK Hosts File Engine 9.0++ 32/64-bit:

This guys is obviously mentally ill. Having seen a number of his posts, and having seen him doxed right here on slashdot, it's incredible that he is just persistently returns for the inevitable abuse from the very people he is seeking acceptance from. I assumed the guy was just trolling and being an asshat because someone on /. had pissed him off. Even the most dedicated troll would not take the time to write out these elaborate use cases for his tool. This guy genuinely wants you to LISTEN, and TRY his super awesome software. Another clue is that he places an inordinate amount of emphasis on the 64bit compilation of said software. This has a 'rain man' quality to it that points to some very acute underlying mental disorder. Can we get APK some help? -TWID

Re:Far BETTER tool (Superior to browser addons)

[geminidomino]

What would be really impressive would be the plugin that removes (N + 1) of kookboi's dribblings.

Re:Fairly broken unfortunately

[flyingfsck]

Hmm? What kind of sites are you visiting? Works for me. Oh... wait... maybe I don't really want to know...

Turn around okay.

[MonsterMasher]

I want an application which will allow me to view the NSA/CIA/Whomever is spying on my computer now. (I figure another on was added the other day .. so maybe 4 now. Game players may notice this as a drop in frames (for no reason) and other small problems. I get double tabs sometimes as my command is incorrectly parsed by one of them.)
.
I sure would like to know exactly ALL that they have on me. So happy they are saving everything.. in 5 years or so we will be sending many many people to jail from the Government's data banks, people who broke Oaths and many laws yet still send others to jail.

Also - can't wait to find the "white list" or the list of computers to avoid ..
    There are the people of interest. Those with no internet history.
Got that?
It will soon me the gateway to very very long sentences.. TG!
(It's such an exciting time to be alive!)

From the site's FAQ...

[ProZachar]

"I am an online advertising / tracking company. How do I stop Privacy Badger from blocking me?"

Stop being a scumbag advertising/tracking company.

But I repeat myself.

'Donottrackme' extension has no opt-out for sites

[Burz]

https://addons.mozilla.org/en-...

Nor is the company that makes it attached to the ad industry, unlike ghostery.

Re:Far BETTER tool (Superior to browser addons)

[mythosaz]

You've posted this same thing like, what, four times?>

+5 Funny?

Re:Ghostery = 'Souled-Out' + Inferior

[joemck]

I used hosts based blocking until AdBlock came along.

Procedure for blocking an annoying object with hosts: obtain URL for item, pray it isn't hosted on the same (sub)domain as something you don't want to block, add it to hosts, restart DNS, reload page
Procedure for blocking an annoying object with AdBlock or similar: right-click, block item, adjust filter if the preview shows other things blocked too

Hosts also fails completely at blocking somedomain/images/ads/annoying-blinking-banner.gif while allowing you to browse somedomain. Or completely blocking the the ads YouTube makes you watch before some videos. Or killing the random Facebook "like" buttons everywhere while still allowing you to view the main Facebook site. Or blocking the specific JavaScript file that makes the newest annoying "feature" added to Google work. Or blocking the obnoxious animated avatar/sig some random user on a forum has. --all of which AdBlock does easily.

There are some major perks you get from being further up the stack. Hosts just blocks whole (sub)domains. An HTTP proxy allows blocking based on URL and tweaking things within the page, but is easily defeated by JavaScript or Flash's idiotic habit of ignoring HTTP proxy settings. Browser extensions can see and edit the page *after* any JavaScript has done its thing, and mess with the Flash plugin more directly.

Too many addons

[alexo]

There are too many addons with overlapping functionality.
Disconnect
RequestPolicy
Ghostery
Privacy Badger
and many others...

What is the recommended subset?

Abine's DoNotTrackMe addon

[relaxinparadise]

How is Privacy Badger different from DoNotTrack me? I've been using Abine's addon for some time, but want to know if anyone knows of any advantages or disadvantages to either.

Re:This challenge is to ANY naysayer

[mmell]

You're app's a way to manage hostfiles. I've been using 'vi' for that for decades.

Disrepectful women teach women can't be criticized

[Futurepower(R)]

Angry, disrespectful women teach men to give unthinking reactions. If you allow yourself to be manipulated, do you think they will become respectful? No. They will just note that you are easily manipulated.

Women are far more attracted to men who feel comfortable criticizing them in a sensible manner. Women are sexually attracted to men who have inner strength. They avoid men who seem weak when pushed.

Yesterday I watched a dance competition. I criticized that particular competition as putting pressure on young women to be alike. The woman to whom I mentioned that idea is one of the most attractive women I have ever met. She agreed. I mentioned to her how much I was attracted to her because of the fact that she is strong enough to make her own choices.

When I said, "... most web sites are made by young women who fancy themselves to be graphic designers who use junk Javascript they found somewhere", that was a criticism I first heard from a woman who is an excellent graphic designer. Over many years I saw evidence that she is correct.

Women are people and want to be treated as people.

Re:Disrepectful women teach women can't be critici

[sjames]

My experience is that age and gender have little to do with it. Inexperience and wannabe status seem to be the determining factors.

Re:Disrepectful women teach women can't be critici

[PopeRatzo]

Yesterday I watched a dance competition.

OK, I think we're done here.

Re:One example: Slashdot's owner, Dice Holdings

[PopeRatzo]

You will never succeed in changing us.

You're too late.

"Anonymous Coward"

[mmell]

You'll need to do better than that.

With me driving, yes.

[mmell]

SO - that automatic hostfile exploit of yours keeping the cops from finding your pictures of naked little boys? Or is it just that you're not important enough for the police to go after yet?

But you're still an"Anonymous Coward"?

[mmell]

(n/t)

But you're still an"Anonymous Coward"?

[mmell]

Recursion. It's a beautiful thing.

But I've already beaten you long ago.

[mmell]

Surely you remember - I'd hate to have to give you a man-beating like that again!

Re:Prove you've done more, better, & earlier

[mmell]

Is that all you've got?

CookieController deletes cookies with 1click

[KWTm]

I use Cookie Controller. Among other things, it has a handy button to click on. On the first click, it will wipe out temporary (session) cookies for the site you're on right now. On the second click, it will wipe persistent cookies, too. The third click wipes out session cookies for all sites. A fourth click will wipe all cookies. The button appearance changes to let you know what it's going to do, and in case you forget, hovering over the button brings up a tooltip that tells you what sorts of cookies and how many are about to get wiped.

Very handy now that Google is tracking everything. I don't particularly want all my casual searches to be linked to my Google maps requests and my Google translates.

The plugin doesn't sound as automated as Self-Destructing Cookies, so maybe I will check it out.